package com.lb.activity.config.shiro;

import com.lb.activity.po.*;
import com.lb.activity.service.PermissionService;
import com.lb.activity.service.RolePermissionService;
import com.lb.activity.service.UserRoleService;
import com.lb.activity.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;

import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;

/**
 * Created with IntelliJ IDEA.
 * Description: 自定义reaml
 * User: liubin
 * Date: 2017-11-02
 * Time: 上午 9:30
 * @author 001030
 */
public class AuthRealm extends AuthorizingRealm{

    @Resource
    private UserService adminUserService;
    @Resource
    private UserRoleService userRoleService;
    @Resource
    private RolePermissionService rolePermissionService;
    @Resource
    private PermissionService adminPermissionService;

    /**
     * 授权
     * 如果效率慢，需在实体中增加set属性
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        User user = (User) principals.fromRealm(this.getClass().getName()).iterator().next();
        List<String> permissions = new ArrayList<String>();
        List<UserRole> roles = userRoleService.getUserRoles(user.getId());
        if(roles.size()>0){
            for (UserRole role : roles){
                List<RolePermission> rolePermissions = rolePermissionService.getRolePermissions(role.getRoleid());
                if(rolePermissions.size()>0){
                    Permission  storeAdminPermission;
                    for(RolePermission rolePermission : rolePermissions){
                        storeAdminPermission = adminPermissionService.getPermission(rolePermission.getPermissionid());
                        if(storeAdminPermission!=null){
                            permissions.add(storeAdminPermission.getPercode());
                        }
                    }
                }
            }
        }
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //将权限放入shiro中
        info.addStringPermissions(permissions);
        return info;
    }


    /**
     * 认证
     * @param token
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken utoken = (UsernamePasswordToken) token;
        String uname = utoken.getUsername();
        User adminUser = adminUserService.getAdminUserByLoginName(uname);
        User user = adminUserService.userLogin(uname,new String(utoken.getPassword()));
        if(user != null){
            Subject currentUser = SecurityUtils.getSubject();
            Session session = currentUser.getSession();

            //剔除用户(暂时NO)
            //session.setAttribute("adminUser", user);
            //放入shiro供CredentialsMatcher检验密码
            return new SimpleAuthenticationInfo(adminUser,adminUser.getPassword(),this.getClass().getName());
        }
        //exception
        return  null;
    }


}